Class: LogStash::Outputs::Jsm

Inherits:

Base

• Object
• Base
• LogStash::Outputs::Jsm

Defined in:

lib/logstash/outputs/jsm.rb

Overview

The Jira Service Management output is used to Create, Close, Acknowledge Alerts and Add Note to alerts in Jira Service Management. For this output to work, your event must contain “jsmAction” field and you must configure apiKey field in configuration. If jsmAction is “create”, event must contain “message” field. For other actions (“close”, “acknowledge” or “note”), event must contain “alias” or “alertId” field.

If your event have the following fields (If you use default field names).

Example event:

"note" => "test note",
"jsmAction" => "create",
"teams" => ["teams"],
"description" => "test description",
"source" => "test source",
"message" => "test message",
"priority" => "P4",
"tags" => ["tags"],
"@timestamp" => 2017-09-15T13:32:00.747Z,
"@version" => "1",
"host" => "Neo's-MacBook-Pro.local",
"alias" => "test-alias",
"details" => {
"prop2" => "val2",
"prop1" => "val1"

,

"actions" => ["actions"],
"user" => "test user",
"entity" => "test entity"

}

An alert with following properties will be created.

{
  "message": "test message",
  "alias": "test alias",
  "teams": ["teams"],
  "description": "test description",
  "source": "test source",
  "note": "test note",
  "user": "test user",
  "priority": "P4",
  "tags": [
    "tags"
  ],
  "details": {
    "prop2": "val2",
    "prop1": "val1"
  },
  "actions": [
    "actions"
  ],
  "entity": "test entity",
}

Fields with prefix “Attribute” are the keys of the fields will be extracted from Logstash event.

Instance Method Summary

• #executePost(uri, params) ⇒ Object
• #populateAliasOrId(event, params) ⇒ Object
• #receive(event) ⇒ Object
• #register ⇒ Object

Instance Method Details

#executePost(uri, params) ⇒ Object

# File 'lib/logstash/outputs/jsm.rb', line 166

def executePost(uri, params)
  unless uri == nil then
    @logger.info("Executing url #{uri}")
    url = URI(uri)
    http = Net::HTTP.new(url.host, url.port, @proxy_address, @proxy_port)
    if url.scheme == 'https'
      http.use_ssl = true
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    end
    request = Net::HTTP::Post.new(url.request_uri, initheader = { "Content-Type" =>"application/json", "Authorization" => "GenieKey #{@apiKey}" })
    request.body = params.to_json
    response = http.request(request)
    body = response.body
    body = JSON.parse(body)
    @logger.warn("Executed [#{uri}]. Response:[#{body}]")
  end
end

#populateAliasOrId(event, params) ⇒ Object

# File 'lib/logstash/outputs/jsm.rb', line 151

def populateAliasOrId(event, params)
  alertAlias = event.get(@aliasAttribute) if event.get(@aliasAttribute)
  if alertAlias == nil then
    alertId = event.get(@alertIdAttribute) if event.get(@alertIdAttribute)
    if !(alertId == nil) then
      @identifierType = 'id'
      @identifier = alertId
    end
  else
    @identifierType = 'alias'
    @identifier = alertAlias
  end
end

#receive(event) ⇒ Object

# File 'lib/logstash/outputs/jsm.rb', line 185

def receive(event)
  return unless output?(event)

  @logger.info("processing #{event}")
  jsmAction = event.get(@actionAttribute) if event.get(@actionAttribute)
  if jsmAction then
    params = {}
    populateCommonContent(params, event)

    case jsmAction.downcase
    when "create"
      uri = "#{@jsmBaseUrl}"
      params = populateCreateAlertContent(params, event)
    when "close"
      uri = "#{@jsmBaseUrl}#{@identifier}#{@closeActionPath}?identifierType=#{@identifierType}"
    when "acknowledge"
      uri = "#{@jsmBaseUrl}#{@identifier}#{@acknowledgeActionPath}?identifierType=#{@identifierType}"
    when "note"
      uri = "#{@jsmBaseUrl}#{@identifier}#{@noteActionPath}?identifierType=#{@identifierType}"
    else
      @logger.warn("Action #{jsmAction} does not match any available action, discarding..")
        return
    end

    executePost(uri, params)
  else
    @logger.warn("No jsmAction defined")
    return
  end
end

#register ⇒ Object

# File 'lib/logstash/outputs/jsm.rb', line 147

def register
end